Deeplinks Blog posts about Security

As part of our Open Wireless Movement, we set out to create router software that would make it easier for people to safely and smartly share part of their wireless network. Protecting hosts, so their security is not compromised because they offer open networks, is one of the goals of the router software we released. However, as research published by Independent Security Evaluators (ISE) and others has shown, almost every popular home router has serious security flaws.

In developing the router software, we realized that we also needed to tackle the more fundamental problem of home router security. Instead of just creating an open-wireless friendly router, why not work to improve router security while we're at it?

Good security practices require us to use different passwords for most or all of the websites and services we interact with. For accounts of any significance, those also need to be strong passwords of one form or another. But if you combine those two requirements (one password per site, most or all passwords are strong) then remembering all of your passwords requires an inhuman display of memory. Of course, when we need to perform inhuman tasks, we use software. And in this case, we use password stores and generators of various sorts. There are a lot of options for password managers out there, but if like us you prefer all of your security-sensitive code to be free, auditable software, then the choices are more limited.

EFF is releasing an experimental hacker alpha release of wireless router software specifically designed to support secure, shareable Open Wireless networks. We will be officially launching the Open Wireless Router today at the HOPE X (Hackers on Planet Earth) conference in New York City, aiming to bring aboard members of the hacker community. This release is a work in progress and is intended only for developers and people willing to deal with the bleeding edge.

When faced with a digital emergency—whether someone has hijacked your social media account or your website is being DDoSed—it can be difficult for non-technical people to discern what the problem is and what the appropriate next steps may be for seeking help. To help fill this niche in the universe of privacy and security guides, a group of NGOs ( including EFF, Hivos, Internews, VirtualRoad, and CIRCL) have teamed up to write a guide that combines advice for self-assessment with advice for “first responders” to help non-technical users all over the world identify and respond to their digital emergencies.